mirror of synced 2025-12-23 03:44:00 -05:00

Recommend to use 127.0.0.1 instead of localhost

M Hickford
2022-09-28 18:42:54 +01:00
committed by GitHub
parent e29cf5c486
commit fc0f3bb727


@@ -297,9 +297,9 @@ subdirectory of the callback URL.
BAD: http://oauth.example.com:8080/path
BAD: http://example.org
### Localhost redirect urls
### Loopback redirect urls
The optional `redirect_uri` parameter can also be used for localhost URLs. If the application specifies a localhost URL and a port, then after authorizing the application users will be redirected to the provided URL and port. The `redirect_uri` does not need to match the port specified in the callback url for the app.
The optional `redirect_uri` parameter can also be used for loopback URLs. If the application specifies a loopback URL and a port, then after authorizing the application users will be redirected to the provided URL and port. The `redirect_uri` does not need to match the port specified in the callback url for the app.
For the `http://127.0.0.1/path` callback URL, you can use this `redirect_uri`:
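Review bot: "loopback URL" is introduced in the new heading and paragraph without saying what it covers, so a reader who knew the old "localhost" wording has to infer it from the `http://127.0.0.1/path` example that follows. Suggest defining it at first use, for example "loopback URLs (such as `http://127.0.0.1`)". While this paragraph is being touched, "callback url" at the end of it could be capitalised to match "callback URL" in the next sentence, and the heading's "urls" likewise.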
@@ -307,6 +307,8 @@ For the `http://127.0.0.1/path` callback URL, you can use this `redirect_uri`:
http://127.0.0.1:1234/path
```
Note that OAuth RFC [recommends not to use `localhost`](https://datatracker.ietf.org/doc/html/rfc8252#section-7.3), but instead to use loopback literal `127.0.0.1` or IPv6 `::1`.
## Creating multiple tokens for OAuth Apps
You can create multiple tokens for a user/application/scope combination to create tokens for specific use cases.
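Review bot: the added note links to RFC 8252 section 7.3, but that section describes loopback interface redirection in general; the statement that `localhost` is NOT RECOMMENDED is in section 8.3, so the link should point there (or cite both). The note also writes the IPv6 literal as bare `::1`, while inside a `redirect_uri` it has to be bracketed, as in `http://[::1]:1234/path`, and the example above the note shows only the `127.0.0.1` form, so it is not clear from this text whether a `[::1]` redirect is accepted here. Suggest naming the RFC ("RFC 8252" rather than "OAuth RFC"), adding one clause with the reason for the recommendation, and stating whether the IPv6 form is supported. A blank line between the note and the following `## Creating multiple tokens for OAuth Apps` heading would keep the heading rendering reliably.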